Код:
begin
DeleteFileMask(GetAVZDirectory+'Quarantine', '*.*', true);
SearchRootkit(true, true);
SetAVZGuardStatus(true);
TerminateProcessByName('c:\windows\system32\msdrve.exe');
TerminateProcessByName('c:\windows\system32\dn.exe');
QuarantineFile('C:\WINDOWS\msdrv32.exe','');
QuarantineFile('C:\WINDOWS\Sf3TJ.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\gpp3g.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-4885038334-8686716833-609895878-1978\wnzip32.exe','');
QuarantineFile('C:\WINDOWS\system32\msdrve.exe','');
QuarantineFile('C:\WINDOWS\system32\dn.exe','');
DeleteFile('C:\WINDOWS\system32\dn.exe');
DeleteFile('C:\WINDOWS\system32\msdrve.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-4885038334-8686716833-609895878-1978\wnzip32.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\gpp3g.exe');
DeleteFile('C:\WINDOWS\Sf3TJ.exe');
DeleteFile('C:\WINDOWS\msdrv32.exe');
DelCLSID('{40WcIYQZ-GGZQ-irKu-D8Su-1V7jUbe5yruL}');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','mx76SJBAbE1Qpw');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','pldELx9gvdHT9M82');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','pldELx9gvdHT9M82');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','pldELx9gvdHT9M82');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Tpp3');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Windows Data Serivce');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','RAS Connection Server');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunServices','RAS Connection Server');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','RAS Connection Server');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunServices','RAS Connection Server');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','RAS Connection Server');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices','RAS Connection Server');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','RAS Connection Server');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunServices','RAS Connection Server');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Windows System Info Serivce');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteWizard('TSW', 2, 2, true);
BC_Activate;
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
RebootWindows(true);
end.
После выполнения скрипта компьютер перезагрузится.